1. Technical Field
The present invention relates generally to security in processing systems, and more particularly, to a methodology for backing up and restoring keys for exporting and importing machine contexts in a replacement device when no functioning trusted device is available.
2. Description of the Related Art
Present-day computing systems, and in particular large-scale server systems, often include support for running multiple virtual machines. The system may be a large-scale on-demand server system that executes hundreds of server instances on a single hardware platform to support customers with varying computing requirements. In the most flexible of these systems, multiple partitions, which may differ in operating system and application mix, are concurrently present in system memory and processes executing in each partition are run in an environment that supports their execution on a guest operating system. The virtual machine provides an environment similar enough to a real hardware platform that the operating system can run with little or no modification. A hypervisor (sometimes referred to as a virtual machine monitor) manages all of the virtual machines or partitions and abstracts system resources so that each partition provides a machine-like environment to each operating system instance.
To implement the above architectural goals, multiple processing modules and other devices are installed in a system, and each device generally supports one or more of the above-described partitions, although it is possible to share tasking on a partition between multiple devices. Groups of devices or an individual device may be associated with a particular customer, and it is desirable to restrict access to a device or group to that customer alone, which includes securing the devices from the manufacturer of the devices and system.
The above-incorporated Patent Application describes a mechanism for binding an initial trusted device to the system, when either a first trusted device is newly installed in a system or when replacing the last trusted device in a system previously populated with one or more trusted devices. The mechanism provides for field binding and remote verification of a trusted device. Typically such binding has to be performed at the manufacturer's site for security reasons, but the above-incorporated Patent Application discloses installation and replacement alternatives that can be performed in the field. However, there are other security mechanisms that are also unique to a trusted device (or group of trusted devices) and that require tokens that are typically only installed at the manufacturer's site or generated within the device itself. One such security mechanism is known as a “Context Encryption Key” (CEK), a symmetric key that is used to import and export trusted device states (contexts) to and from one or more trusted devices so that virtual machines (or at least the trusted device portion of a virtualized machine state) can be “swapped out” or stored at a fault or power-down. The contexts of the trusted devices are stored on external storage outside of the trusted devices, but are secured cryptographically when outside the trusted devices. The CEK is typically generated within the initial trusted device in the system and is propagated as needed to other trusted devices in the system after they are bound.
However, when a replacement trusted device is installed and no other trusted device remains in the system, a newly-generated CEK cannot decrypt existing exported contexts for the virtualized trusted devices that were either running on the system at failure or shutdown or were swapped out to storage.
Therefore, it would be desirable to provide a mechanism to securely back up a context encryption key from a predecessor device and restore it to a replacement trusted device of a system. It is also desirable that the restore be performed when no other device having the key is present in the system. It would further be desirable to provide such a method in which the manufacturer verifies that the CEK is being installed in a device that is properly bound to a particular system.